<?php

ob_start("ob_gzhandler");

$username="dragonballpalace2";
$password="";
$database="dragonballpalace2_nl_db";
$ckey=$_COOKIE['specukey'];

function return403(){
header("HTTP/1.0 403 Forbidden");
echo "<!DOCTYPE HTML PUBLIC \"-//IETF//DTD HTML 2.0//EN\">\n
<html><head>\n
<title>403 Forbidden</title>\n
</head><body>\n
<h1>Error 403 Forbidden</h1>\n
<p>You don't have permission to access this resource
on this server.</p>\n
</body></html>";
exit();
}

if (!isset($ckey)) {
return403();
}

mysql_connect(localhost, $username, $password);
mysql_select_db($database);
$res = mysql_query("SELECT * FROM gotm_specuser WHERE uname='MFB'");
$result = mysql_result($res, 0, "ukey");
$hcheck = mysql_result($res, 0, "hname");
$vdate = mysql_result($res, 0, "valid");

if ($result === !$ckey)
{
return403();
}

if ($hcheck === !$REMOTE_ADDR)
{
return403();
}

$cdate = date(z);
if ($cdate <= $vdate)
{
return403();
}

$cr = crypt(microtime());
$r13 = str_rot13($cr);
$shf = str_shuffle($r13);
$rev = strrev($shf);
$output = sha1($rev);
$ndate = $cdate+5
$uname=$_POST['uname']

mysql_query("UPDATE gotm_specuser SET ukey='$output', valid='$ndate' WHERE uname='$uname'");

setcookie("specukey", $output, time()+432000);

if(stristr($_SERVER["HTTP_ACCEPT"],"application/xhtml+xml"))
{
header("Content-type:application/xhtml+xml;charset=utf-8");
}
else
{
header("Content-type:text/html;charset=utf-8");
}
header("Vary: Accept");
echo "<?xml version=\"1.0\" encoding=\"UTF-8\"?>";
echo "<?xml-stylesheet type=\"text/css\" href=\"../CSS/log.css\"?>";
?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="nl">
<head>
<title>G0t m@il? v0.0.5! Crew Control Panel, seckey-genrator.</title>
</head>
<body>

<?php

echo "<em>Security key generated and added to cookie for direct usage! Valid for 5 days.</em>";
?>

</body>
</html>
